A criminal whose name has been added to a sanction list compiled by the Office of Foreign Assets Control (OFAC) is highly unlikely to use that exact name when opening a bank account.
However, advancements in data science can help recognise patterns in such cases and generally improve the speed and accuracy of identifying financial crime risks. UK based ComplyAdvantage, which uses data analysis and machine learning, is at the forefront of "RegTech".
ComplyAdvantage VP of sales and marketing, Stephen Ball said the way a sanction-listed person might try and disguise their name, adding middle initials or multi-generational names and switching things around, would evade old mathematical techniques.
"Using data science you can actually do much better matching and kind of find the higher probability names without generating reams of false positives."
In this particular example, Ball said things like fuzzy matching, a technique used in computer-assisted translation as a special case of record linkage, can be used in an optimised manner.
"Historically that's been done with quite old maths and if you use data science now you can look at all sorts of secondary identifiers and other risk signals to be able to work out, is it a potential hit or not.
"The big challenge is the trade-off of false positives. Banks and payments companies typically have to use a very tight matching criteria because if they don't they generate an inordinate number of false positives, which has a huge people element and takes lots of time to look at all of those. But if you can use smarter ways of doing it; detecting other anomalies but with fewer false positives then that's a big win," he said.
ComplyAdvantage helps companies manage their financial crime risk and comply with the regulations around anti-money laundering, sanctions and counter-terrorist financing. The company has built its own dynamic database of individuals and companies that pose financial crime risk.
It uses machine learning to build and maintain this live dataset and the expanding network that surrounds it. The ComplyAdvantage database is peopled with individuals on sanction lists, or who are known to Interpol or appear on various different government watch lists, or on the lists of various regulatory bodies.
Not necessarily nefarious, they could be politically exposed persons with the power at their disposal to carry out crimes like money laundering. The database also collates people in the media who have committed fraud and other financial crimes, analysing thousands of sources and updating them continually. The company also screens transactions, typically involving remittance companies sending money overseas to unknown beneficiaries.
"When money is being sent overseas, it could be to ISIS – how do you know?" said Ball. "We are looking at patterns to spot suspicious networks. For example, multiple people sending money to the same person. We are monitoring thousands of different sources, from very structured government lists to unstructured media and everything between as well."
A tiny proportion of money laundered through the UK's financial system is identified and traced, less than a percent. The simple suspicious transaction report rule looking at people who send over £10,000 is circumnavigated by intelligent criminals using a bewildering array of methods. "You need to be able to look at your data model; look outside of just single payments to understand what the customer is expected to be doing, and where are the anomalies."
Ball points out that even when terrorists like the people involved in the Paris attacks for instance are in the media, it will often take months before they get on to any public government source. There is a need to help companies spot and react to things in more like real time.
He said that when banks switch on ComplyAdvantage they can often find existing customers that maybe they don't want to be doing business with. "We can build profiles of the low level criminals as well as the international terrorists. I guess everyone's got a profile on Victor Bout (sanctions-busting arms dealer), but if you are looking at an insurance policy, it's probably a useful indicator if this person committed insurance fraud a few years back and is in the press for that reason."
Ball is obviously sanguine about the term "RegTech" and more generally about the fintech revolution. He pointed out that fintech and regtech go hand in hand.
"With technology that's focused on on-boarding customers faster and executing payments faster and things like that you get a higher level of risk and you need better technology to be able to spot those types of things.
"In the case of smaller firms with a smaller compliance teams, for them to be able to do a job as effectively as a huge army of compliance people in a bank they need to have better technology. So I think the two go hand in hand."